The NIST-developed test is used for testing the quality of pseudo-random number generators in the donor libraries.

For symmetric encryption, we run a selected set of NIST-recommended tests for AES256. Such test sets contain both the initialsation vectors and the expected output.

The only cryptographic implementation hardcoded into Themis (ed25519-driven Socialist Millionaire Protocol used in Secure Comparator) is tested against known attacks via a separate test.

Testing Builds and Major Changes

We strive to build the most complete and explicit tests for Themis. They include both the functional and the API tests (that also check if correct error messages are returned for unexpected/invalid values).

For the core functionality and every language wrapper, including mobile, we created a unit test suit, placed in tests folder.

Several source code analysis tools like Cppcheck (after an issue #130 raised by awesome briongloden) to provide different static analysis output to verify against the output provided by Splint. Cppcheck is particularly good at identifying undefined behaviour.

GCC and Clang in maximum warning verbosity mode to see all the possible warnings. The two compilers used side by side return the most complete tests and bridge the majority of the possible testing gaps.